CVE-2024-37661

Exploit

EPSS 0.05%
Veröffentlicht 17.06.2024 18:15:17
Zuletzt bearbeitet 06.06.2025 17:09:35
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

TP-LINK TL-7DR5130 v1.0.23 is vulnerable to forged ICMP redirect message attacks. An attacker in the same WLAN as the victim can hijack the traffic between the victim and any remote server by sending out forged ICMP redirect messages.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Tp-link ≫ Tl-7dr5130 Firmware Version1.0.23

Tp-link ≫ Tl-7dr5130 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.134

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0	6.3	1.5	4.7	CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H

CWE-346 Origin Validation Error

The product does not properly verify that the source of data or communication is valid.

https://github.com/ouuan/router-vuln-report/blob/master/icmp-redirect/tl-7dr5130-redirect.md

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2024-37661

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-37661

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-37661

EUVD